Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Help my pc is out of control with pop ups and redirects

malware redirects pop ups

  • This topic is locked This topic is locked

#16
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
OK.

What about the fix in post # 10 Can you run that ? You said you ran it but it was taking 2 hours or more. What did you eventually do ? Perhaps we could shorten the fix and take a smaller amount at a time....

Thanks
Joe :

I have a lot of patience with this stuff so not to worry, I also understand this stuff is totally confusing at times.....
  • 0

Advertisements


#17
Brenda50

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Hi Joe

 

Finally the FST completed   Here is the log   Hope it is the right one

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-10-2014
Ran by Brenda at 2014-10-18 00:44:46 Run:6
Running from C:\Users\Brenda\Desktop
Loaded Profile: Brenda (Available profiles: Brenda)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTIONstart
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha485\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha221\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1935\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9027\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home831\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ff [Not Found]
FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
CHR HKLM-x32\...\Chrome\Extension: [ianbobkeplelligeejgeljdfdgljcnjl] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ch\VideoPlayerV3beta1213.crx []
CHR HKLM-x32\...\Chrome\Extension: [iebkideapflccachklgbeinjhfeigamo] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ch\MediaBuzzV1mode3344.crx []
CHR HKLM-x32\...\Chrome\Extension: [mpkodcagkabdilcecgmpjjlbajkjfajb] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ch\RichMediaViewV1release7142.crx []
CHR HKLM-x32\...\Chrome\Extension: [plhgnpoeaalmacnhdejkkleickcjfofa] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ch\TrustMediaViewerV1alpha2867.crx []
CHR HKLM-x32\...\Chrome\Extension: [gdnhodjhmdahknapajgfmhlghadbnpik] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ch\WebexpEnhancedV1alpha42.crx []
2014-10-10 13:18 - 2014-10-10 13:18 - 00000000 ____D () C:\Program Files (x86)\Setup Support for Consumer Input
2014-10-10 13:17 - 2014-10-10 13:17 - 00004368 _____ () C:\WINDOWS\System32\Tasks\CYHPK
2014-10-10 13:16 - 2014-10-10 13:16 - 00004364 _____ () C:\WINDOWS\System32\Tasks\OQERG
2014-10-10 13:18 - 2014-10-10 13:18 - 00003858 _____ () C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineUA
2014-10-10 13:18 - 2014-10-10 13:18 - 00003622 _____ () C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineCore
2014-10-10 13:18 - 2014-10-10 13:18 - 00000000 ____D () C:\Program Files (x86)\Setup Support for Consumer Input
C:\Users\Brenda\AppData\Local\Temp\aexyfw5y.dll
C:\Users\Brenda\AppData\Local\Temp\bs.exe
C:\Users\Brenda\AppData\Local\Temp\ConsumerInputSetup.exe
C:\Users\Brenda\AppData\Local\Temp\drv54905.exe
C:\Users\Brenda\AppData\Local\Temp\ezndksyq.dll
C:\Users\Brenda\AppData\Local\Temp\HD_Quality_US_setup.exe
C:\Users\Brenda\AppData\Local\Temp\kbouiafk.dll
C:\Users\Brenda\AppData\Local\Temp\Launcher.exe
C:\Users\Brenda\AppData\Local\Temp\optprosetup.exe
C:\Users\Brenda\AppData\Local\Temp\Quarantine.exe
C:\Users\Brenda\AppData\Local\Temp\SAS6_Update.exe
C:\Users\Brenda\AppData\Local\Temp\setup_399.exe
C:\Users\Brenda\AppData\Local\Temp\SHelp2.exe
C:\Users\Brenda\AppData\Local\Temp\sqlite3.dll
C:\Users\Brenda\AppData\Local\Temp\urz19io0.dll
C:\Users\Brenda\AppData\Local\Temp\xxecndju.dll
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
Task: {1DD6CEDC-D88E-41CB-B4BE-FB511BF9186E} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe
Task: {58A86AB7-2BB3-4AE9-800E-545F288C1F72} - System32\Tasks\OQERG => C:\Users\Brenda\AppData\Roaming\OQERG.exe <==== ATTENTION
S2 Update Krab Web; "C:\Program Files (x86)\Krab Web\updateKrabWeb.exe" [X]
C:\Program Files (x86)\Krab Web\updateKrabWeb.exe[X]
EmptyTemp:
reboot:
end
*****************

"C:\WINDOWS\system32\GroupPolicy\Machine" => File/Directory not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => Value not found.
"HKCR\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}" => Key not found.
HKCU\Software\Mozilla\Firefox\Extensions\\[email protected] => Value not found.
C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff not found.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ff not found.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ff not found.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha485\ff not found.
C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha221\ff not found.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1935\ff not found.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9027\ff not found.
C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home831\ff not found.
C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ff not found.
C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ff not found.
C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ff not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@popularscreensavers.com/Plugin" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ianbobkeplelligeejgeljdfdgljcnjl" => Key not found.
"C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ch\VideoPlayerV3beta1213.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iebkideapflccachklgbeinjhfeigamo" => Key not found.
"C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ch\MediaBuzzV1mode3344.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpkodcagkabdilcecgmpjjlbajkjfajb" => Key not found.
"C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ch\RichMediaViewV1release7142.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\plhgnpoeaalmacnhdejkkleickcjfofa" => Key not found.
"C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ch\TrustMediaViewerV1alpha2867.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gdnhodjhmdahknapajgfmhlghadbnpik" => Key not found.
"C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ch\WebexpEnhancedV1alpha42.crx" => File/Directory not found.
"C:\Program Files (x86)\Setup Support for Consumer Input" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\CYHPK" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\OQERG" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineUA" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineCore" => File/Directory not found.
"C:\Program Files (x86)\Setup Support for Consumer Input" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\aexyfw5y.dll" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\bs.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\ConsumerInputSetup.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\drv54905.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\ezndksyq.dll" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\HD_Quality_US_setup.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\kbouiafk.dll" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\Launcher.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\optprosetup.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\SAS6_Update.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\setup_399.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\SHelp2.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\sqlite3.dll" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\urz19io0.dll" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\xxecndju.dll" => File/Directory not found.
"HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DD6CEDC-D88E-41CB-B4BE-FB511BF9186E}" => Key not found.
C:\Windows\System32\Tasks\ConsumerInputUpdateTaskMachineCore not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ConsumerInputUpdateTaskMachineCore" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58A86AB7-2BB3-4AE9-800E-545F288C1F72}" => Key not found.
C:\Windows\System32\Tasks\OQERG not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OQERG" => Key not found.
Update Krab Web => Service not found.
"C:\Program Files (x86)\Krab Web\updateKrabWeb.exe[X]" => File/Directory not found.
EmptyTemp: => Removed 801.1 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====EmptyTemp: => Removed 924 MB temporary data.

==== End of Fixlog ====

 

Thanks for you patience and help

Brenda


  • 0

#18
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
You did the fix correct, but....


I don't like the way it looks. More importantly I made an error in the fix script in post #10, so I'm wondering if that error may have caused the fix to not run correctly, in any event I'd like you to run it again when you get a moment. Post the fix log again.

Thanks
Joe :)
  • 0

#19
Brenda50

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Hi Joe

 

I ran FRST fix again and it only took a few seconds  here is the log

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-10-2014
Ran by Brenda at 2014-10-19 16:45:29 Run:7
Running from C:\Users\Brenda\Desktop
Loaded Profile: Brenda (Available profiles: Brenda)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
start
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha485\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha221\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1935\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9027\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home831\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ff [Not Found]
FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
CHR HKLM-x32\...\Chrome\Extension: [ianbobkeplelligeejgeljdfdgljcnjl] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ch\VideoPlayerV3beta1213.crx []
CHR HKLM-x32\...\Chrome\Extension: [iebkideapflccachklgbeinjhfeigamo] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ch\MediaBuzzV1mode3344.crx []
CHR HKLM-x32\...\Chrome\Extension: [mpkodcagkabdilcecgmpjjlbajkjfajb] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ch\RichMediaViewV1release7142.crx []
CHR HKLM-x32\...\Chrome\Extension: [plhgnpoeaalmacnhdejkkleickcjfofa] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ch\TrustMediaViewerV1alpha2867.crx []
CHR HKLM-x32\...\Chrome\Extension: [gdnhodjhmdahknapajgfmhlghadbnpik] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ch\WebexpEnhancedV1alpha42.crx []
2014-10-10 13:18 - 2014-10-10 13:18 - 00000000 ____D () C:\Program Files (x86)\Setup Support for Consumer Input
2014-10-10 13:17 - 2014-10-10 13:17 - 00004368 _____ () C:\WINDOWS\System32\Tasks\CYHPK
2014-10-10 13:16 - 2014-10-10 13:16 - 00004364 _____ () C:\WINDOWS\System32\Tasks\OQERG
2014-10-10 13:18 - 2014-10-10 13:18 - 00003858 _____ () C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineUA
2014-10-10 13:18 - 2014-10-10 13:18 - 00003622 _____ () C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineCore
2014-10-10 13:18 - 2014-10-10 13:18 - 00000000 ____D () C:\Program Files (x86)\Setup Support for Consumer Input
C:\Users\Brenda\AppData\Local\Temp\aexyfw5y.dll
C:\Users\Brenda\AppData\Local\Temp\bs.exe
C:\Users\Brenda\AppData\Local\Temp\ConsumerInputSetup.exe
C:\Users\Brenda\AppData\Local\Temp\drv54905.exe
C:\Users\Brenda\AppData\Local\Temp\ezndksyq.dll
C:\Users\Brenda\AppData\Local\Temp\HD_Quality_US_setup.exe
C:\Users\Brenda\AppData\Local\Temp\kbouiafk.dll
C:\Users\Brenda\AppData\Local\Temp\Launcher.exe
C:\Users\Brenda\AppData\Local\Temp\optprosetup.exe
C:\Users\Brenda\AppData\Local\Temp\Quarantine.exe
C:\Users\Brenda\AppData\Local\Temp\SAS6_Update.exe
C:\Users\Brenda\AppData\Local\Temp\setup_399.exe
C:\Users\Brenda\AppData\Local\Temp\SHelp2.exe
C:\Users\Brenda\AppData\Local\Temp\sqlite3.dll
C:\Users\Brenda\AppData\Local\Temp\urz19io0.dll
C:\Users\Brenda\AppData\Local\Temp\xxecndju.dll
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
Task: {1DD6CEDC-D88E-41CB-B4BE-FB511BF9186E} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe
Task: {58A86AB7-2BB3-4AE9-800E-545F288C1F72} - System32\Tasks\OQERG => C:\Users\Brenda\AppData\Roaming\OQERG.exe <==== ATTENTION
S2 Update Krab Web; "C:\Program Files (x86)\Krab Web\updateKrabWeb.exe" [X]
C:\Program Files (x86)\Krab Web\updateKrabWeb.exe[X]
EmptyTemp:
reboot:
end
*****************

"C:\WINDOWS\system32\GroupPolicy\Machine" => File/Directory not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => Value not found.
"HKCR\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}" => Key not found.
HKCU\Software\Mozilla\Firefox\Extensions\\[email protected] => Value not found.
C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff not found.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ff not found.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ff not found.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha485\ff not found.
C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha221\ff not found.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1935\ff not found.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9027\ff not found.
C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home831\ff not found.
C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ff not found.
C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ff not found.
C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ff not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@popularscreensavers.com/Plugin" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ianbobkeplelligeejgeljdfdgljcnjl" => Key not found.
"C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ch\VideoPlayerV3beta1213.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iebkideapflccachklgbeinjhfeigamo" => Key not found.
"C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ch\MediaBuzzV1mode3344.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpkodcagkabdilcecgmpjjlbajkjfajb" => Key not found.
"C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ch\RichMediaViewV1release7142.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\plhgnpoeaalmacnhdejkkleickcjfofa" => Key not found.
"C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ch\TrustMediaViewerV1alpha2867.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gdnhodjhmdahknapajgfmhlghadbnpik" => Key not found.
"C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ch\WebexpEnhancedV1alpha42.crx" => File/Directory not found.
"C:\Program Files (x86)\Setup Support for Consumer Input" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\CYHPK" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\OQERG" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineUA" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineCore" => File/Directory not found.
"C:\Program Files (x86)\Setup Support for Consumer Input" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\aexyfw5y.dll" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\bs.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\ConsumerInputSetup.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\drv54905.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\ezndksyq.dll" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\HD_Quality_US_setup.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\kbouiafk.dll" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\Launcher.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\optprosetup.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\SAS6_Update.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\setup_399.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\SHelp2.exe" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\sqlite3.dll" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\urz19io0.dll" => File/Directory not found.
"C:\Users\Brenda\AppData\Local\Temp\xxecndju.dll" => File/Directory not found.
"HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DD6CEDC-D88E-41CB-B4BE-FB511BF9186E}" => Key not found.
C:\Windows\System32\Tasks\ConsumerInputUpdateTaskMachineCore not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ConsumerInputUpdateTaskMachineCore" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58A86AB7-2BB3-4AE9-800E-545F288C1F72}" => Key not found.
C:\Windows\System32\Tasks\OQERG not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OQERG" => Key not found.
Update Krab Web => Service not found.
"C:\Program Files (x86)\Krab Web\updateKrabWeb.exe[X]" => File/Directory not found.
EmptyTemp: => Removed 280.6 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
start
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha485\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha221\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1935\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9027\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home831\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ff [Not Found]
FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
CHR HKLM-x32\...\Chrome\Extension: [ianbobkeplelligeejgeljdfdgljcnjl] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ch\VideoPlayerV3beta1213.crx []
CHR HKLM-x32\...\Chrome\Extension: [iebkideapflccachklgbeinjhfeigamo] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ch\MediaBuzzV1mode3344.crx []
CHR HKLM-x32\...\Chrome\Extension: [mpkodcagkabdilcecgmpjjlbajkjfajb] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ch\RichMediaViewV1release7142.crx []
CHR HKLM-x32\...\Chrome\Extension: [plhgnpoeaalmacnhdejkkleickcjfofa] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ch\TrustMediaViewerV1alpha2867.crx []
CHR HKLM-x32\...\Chrome\Extension: [gdnhodjhmdahknapajgfmhlghadbnpik] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ch\WebexpEnhancedV1alpha42.crx []
2014-10-10 13:18 - 2014-10-10 13:18 - 00000000 ____D () C:\Program Files (x86)\Setup Support for Consumer Input
2014-10-10 13:17 - 2014-10-10 13:17 - 00004368 _____ () C:\WINDOWS\System32\Tasks\CYHPK
2014-10-10 13:16 - 2014-10-10 13:16 - 00004364 _____ () C:\WINDOWS\System32\Tasks\OQERG
2014-10-10 13:18 - 2014-10-10 13:18 - 00003858 _____ () C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineUA
2014-10-10 13:18 - 2014-10-10 13:18 - 00003622 _____ () C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineCore
2014-10-10 13:18 - 2014-10-10 13:18 - 00000000 ____D () C:\Program Files (x86)\Setup Support for Consumer Input
C:\Users\Brenda\AppData\Local\Temp\aexyfw5y.dll
C:\Users\Brenda\AppData\Local\Temp\bs.exe
C:\Users\Brenda\AppData\Local\Temp\ConsumerInputSetup.exe
C:\Users\Brenda\AppData\Local\Temp\drv54905.exe
C:\Users\Brenda\AppData\Local\Temp\ezndksyq.dll
C:\Users\Brenda\AppData\Local\Temp\HD_Quality_US_setup.exe
C:\Users\Brenda\AppData\Local\Temp\kbouiafk.dll
C:\Users\Brenda\AppData\Local\Temp\Launcher.exe
C:\Users\Brenda\AppData\Local\Temp\optprosetup.exe
C:\Users\Brenda\AppData\Local\Temp\Quarantine.exe
C:\Users\Brenda\AppData\Local\Temp\SAS6_Update.exe
C:\Users\Brenda\AppData\Local\Temp\setup_399.exe
C:\Users\Brenda\AppData\Local\Temp\SHelp2.exe
C:\Users\Brenda\AppData\Local\Temp\sqlite3.dll
C:\Users\Brenda\AppData\Local\Temp\urz19io0.dll
C:\Users\Brenda\AppData\Local\Temp\xxecndju.dll
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
Task: {1DD6CEDC-D88E-41CB-B4BE-FB511BF9186E} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe
Task: {58A86AB7-2BB3-4AE9-800E-545F288C1F72} - System32\Tasks\OQERG => C:\Users\Brenda\AppData\Roaming\OQERG.exe <==== ATTENTION
S2 Update Krab Web; "C:\Program Files (x86)\Krab Web\updateKrabWeb.exe" [X]
C:\Program Files (x86)\Krab Web\updateKrabWeb.exe[X]
EmptyTemp:
reboot:
end

 

I'm not sure which log is which so I posted both

 

Thanks

Brenda


  • 0

#20
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

Please post a new FRST Log and additions,txt log,

To do that:

Right click on FRST Icon on the desktop, choose "Run as administrator" place a check mark in the additions.txt box at the bottom then click scan. Post the new Logs for me
  • FRST.TXT
  • Additions.txt

  • 0

#21
Brenda50

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Hi Joe,

 

Here is the new scans

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Brenda (administrator) on BRENDAPC on 21-10-2014 12:29:32
Running from C:\Users\Brenda\Desktop
Loaded Profile: Brenda (Available profiles: Brenda)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Synaptics\SynTP\DellTouchpad.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6842000 2012-09-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5757328 2012-10-19] (Dell Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2918200 2012-09-20] (Synaptics Incorporated)
HKLM\...\Run: [DellWPF] => C:\Program Files\Synaptics\SynTP\DellTouchpad.exe [4875576 2012-09-20] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2564139484-152270176-2040777850-1001\...\Run: [Google Update] => C:\Users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-10] (Google Inc.)
HKU\S-1-5-21-2564139484-152270176-2040777850-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2564139484-152270176-2040777850-1001\...\Run: [GoogleChromeAutoLaunch_F3F1F347082F96D0DBAEC2249C80F4F1] => C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe [866584 2014-01-11] (Google Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - {8241E8F1-A9EE-4F50-8FF2-97657CCCABB8} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKCU - DefaultScope {8241E8F1-A9EE-4F50-8FF2-97657CCCABB8} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKCU - {8241E8F1-A9EE-4F50-8FF2-97657CCCABB8} URL = http://www.bing.com/...E10TR&pc=MDDCJS
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha485\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha221\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1935\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9027\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home831\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ff [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Yahoo Extension) - C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2014-01-23]
CHR Extension: (Google Wallet) - C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173056 2012-06-19] (Dell Products, LP.) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-08-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-08-13] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-11-26] (SoftThinks SAS)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-08-13] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-08-13] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-20] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-20] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-08-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-21 12:29 - 2014-10-21 12:30 - 00015879 _____ () C:\Users\Brenda\Desktop\FRST.txt
2014-10-21 12:21 - 2014-10-21 12:21 - 00000000 ___RD () C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-10-19 16:43 - 2014-10-19 16:44 - 00004437 _____ () C:\Users\Brenda\Desktop\Fix.txt
2014-10-17 20:22 - 2014-10-17 20:22 - 00056832 ___SH () C:\Users\Brenda\Downloads\Thumbs.db
2014-10-17 19:16 - 2014-10-21 12:28 - 00000000 ____D () C:\Users\Brenda\Desktop\FRST-OlderVersion
2014-10-16 00:17 - 2014-09-27 18:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-16 00:17 - 2014-09-13 02:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-16 00:17 - 2014-09-13 01:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-16 00:17 - 2014-09-07 23:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-16 00:17 - 2014-09-07 21:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-16 00:17 - 2014-09-07 21:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-16 00:17 - 2014-09-07 20:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-16 00:17 - 2014-09-07 20:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-16 00:17 - 2014-09-07 20:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-16 00:17 - 2014-09-07 20:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-16 00:17 - 2014-09-07 20:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-16 00:17 - 2014-09-07 20:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-16 00:17 - 2014-09-07 20:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-16 00:17 - 2014-09-07 19:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-16 00:17 - 2014-09-07 19:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-16 00:17 - 2014-09-07 19:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-16 00:17 - 2014-09-07 19:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-16 00:17 - 2014-09-03 20:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-16 00:17 - 2014-09-03 19:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-16 00:17 - 2014-09-03 19:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-16 00:16 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-16 00:16 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-16 00:16 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-16 00:16 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-16 00:16 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-16 00:16 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-16 00:16 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-16 00:16 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-16 00:16 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-16 00:16 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-16 00:16 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-16 00:16 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-16 00:16 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-16 00:16 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-16 00:16 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-16 00:16 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-16 00:16 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-16 00:16 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-16 00:16 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-16 00:16 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-16 00:16 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-16 00:16 - 2014-09-18 20:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-16 00:16 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-16 00:16 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-16 00:16 - 2014-09-18 20:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-16 00:16 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-16 00:16 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-16 00:16 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-16 00:16 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-16 00:16 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-16 00:16 - 2014-09-03 20:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-16 00:16 - 2014-09-03 20:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-16 00:15 - 2014-10-09 18:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-16 00:15 - 2014-10-08 18:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-16 00:15 - 2014-09-18 21:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-16 00:15 - 2014-09-13 02:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-16 00:15 - 2014-09-13 01:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-16 00:15 - 2014-08-28 21:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-16 00:15 - 2014-08-28 19:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-16 00:15 - 2014-08-28 19:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-16 00:15 - 2014-08-16 00:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-16 00:15 - 2014-08-16 00:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-16 00:15 - 2014-08-16 00:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-16 00:15 - 2014-08-15 23:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-16 00:15 - 2014-08-15 23:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-16 00:15 - 2014-08-15 23:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-16 00:15 - 2014-08-15 23:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-16 00:15 - 2014-08-15 23:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-16 00:15 - 2014-08-15 23:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-16 00:15 - 2014-08-15 21:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-16 00:15 - 2014-08-15 21:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-16 00:15 - 2014-08-15 20:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-16 00:15 - 2014-08-15 20:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-16 00:15 - 2014-08-15 20:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-16 00:15 - 2014-08-15 20:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-16 00:15 - 2014-08-15 20:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-16 00:15 - 2014-08-15 20:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-16 00:15 - 2014-08-15 20:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-16 00:15 - 2014-08-15 20:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-16 00:15 - 2014-08-15 20:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 00:15 - 2014-08-15 20:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-16 00:15 - 2014-08-15 20:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-16 00:15 - 2014-08-15 20:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-16 00:15 - 2014-08-15 20:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 00:15 - 2014-08-15 20:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-16 00:15 - 2014-08-15 20:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-16 00:15 - 2014-08-15 20:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-16 00:15 - 2014-08-15 20:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-16 00:15 - 2014-08-15 20:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-16 00:15 - 2014-08-15 20:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-16 00:15 - 2014-08-15 20:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-16 00:15 - 2014-08-15 20:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-16 00:15 - 2014-08-15 20:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-16 00:15 - 2014-08-15 20:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-16 00:15 - 2014-07-31 19:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-14 21:06 - 2014-10-14 21:07 - 00000000 ____D () C:\Users\Brenda\AppData\Roaming\Skype
2014-10-14 21:06 - 2014-10-14 21:06 - 00002531 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-10-14 21:06 - 2014-10-14 21:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-14 21:06 - 2014-10-14 21:06 - 00000000 ____D () C:\ProgramData\Skype
2014-10-14 21:06 - 2014-10-14 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-14 21:04 - 2014-10-14 21:04 - 00000000 ____D () C:\Users\Brenda\Tracing
2014-10-14 20:57 - 2014-10-14 20:57 - 00001476 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-10-14 20:57 - 2014-10-14 20:57 - 00001323 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-10-14 20:57 - 2014-10-14 20:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-10-14 20:57 - 2014-10-14 20:57 - 00000000 ____D () C:\WINDOWS\en
2014-10-14 20:56 - 2014-10-14 20:56 - 00000000 ____D () C:\Program Files\Windows Live
2014-10-14 20:51 - 2014-10-14 20:51 - 01239752 _____ (Microsoft Corporation) C:\Users\Brenda\Downloads\wlsetup-web.exe
2014-10-13 22:39 - 2014-10-13 22:39 - 00004435 _____ () C:\Users\Brenda\Downloads\fixlist.txt
2014-10-13 22:35 - 2014-10-13 22:36 - 00034601 _____ () C:\Users\Brenda\Downloads\Addition.txt
2014-10-13 22:34 - 2014-10-13 22:36 - 00053664 _____ () C:\Users\Brenda\Downloads\FRST.txt
2014-10-13 22:31 - 2014-10-21 12:28 - 02110976 _____ (Farbar) C:\Users\Brenda\Desktop\FRST64.exe
2014-10-13 21:01 - 2014-10-21 12:29 - 00000000 ____D () C:\FRST
2014-10-13 19:03 - 2014-10-13 19:03 - 00001232 _____ () C:\Users\Brenda\Documents\malware.xml
2014-10-13 18:58 - 2014-10-13 18:58 - 00001046 _____ () C:\malware.txt
2014-10-12 15:16 - 2014-10-12 15:16 - 01976320 _____ () C:\Users\Brenda\Downloads\adwcleaner_4.000 (1).exe
2014-10-12 15:15 - 2014-10-12 15:15 - 01976320 _____ () C:\Users\Brenda\Downloads\adwcleaner_4.000.exe
2014-10-12 14:36 - 2014-10-12 14:36 - 00119284 _____ () C:\Users\Brenda\Downloads\OTL3.Txt
2014-10-12 13:22 - 2014-10-12 13:22 - 00001940 _____ () C:\Users\Brenda\Desktop\JRT.txt
2014-10-12 13:20 - 2014-10-12 13:20 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-12 13:18 - 2014-10-12 13:18 - 01705755 _____ (Thisisu) C:\Users\Brenda\Downloads\JRT.exe
2014-10-12 13:02 - 2014-10-12 16:20 - 00000000 ____D () C:\AdwCleaner
2014-10-12 13:01 - 2014-10-12 13:01 - 01976320 _____ () C:\Users\Brenda\Downloads\AdwCleaner.exe
2014-10-12 12:39 - 2014-10-12 12:39 - 00117814 _____ () C:\Users\Brenda\Downloads\OTL2.Txt
2014-10-12 11:34 - 2014-10-12 11:34 - 00000000 ____D () C:\_OTL
2014-10-12 01:09 - 2014-10-12 01:09 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-10-12 01:06 - 2014-10-12 01:22 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-12 01:06 - 2014-10-12 01:06 - 00000000 ____D () C:\Users\Brenda\AppData\Local\MFAData
2014-10-12 01:06 - 2014-10-12 01:06 - 00000000 ____D () C:\Users\Brenda\AppData\Local\Avg2015
2014-10-12 01:05 - 2014-10-12 01:05 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-12 00:58 - 2014-10-12 00:58 - 04579176 _____ (AVG Technologies) C:\Users\Brenda\Downloads\avg_free_stb_all_2015_5315_cnet.exe
2014-10-12 00:55 - 2014-10-12 00:55 - 00055664 _____ (Premium Installer ) C:\Users\Brenda\Downloads\Ad-Aware.exe
2014-10-11 19:31 - 2014-10-11 19:31 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-10-11 18:24 - 2014-10-11 18:24 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Brenda\Downloads\tdsskiller.exe
2014-10-10 13:18 - 2014-10-10 13:18 - 00003274 _____ () C:\WINDOWS\System32\Tasks\CIMT_S-1-5-21-2564139484-152270176-2040777850-1001
2014-10-10 13:18 - 2014-10-10 13:18 - 00000000 ____D () C:\Users\Brenda\AppData\Roaming\Compete
2014-10-06 22:31 - 2014-10-06 22:31 - 01173968 _____ (ArcadeYum) C:\Users\Brenda\Downloads\ArcadeYumGames.exe
2014-09-30 18:01 - 2014-09-30 18:01 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-21 12:26 - 2013-02-18 19:49 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2564139484-152270176-2040777850-1001
2014-10-21 12:25 - 2013-01-26 21:24 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-10-21 12:21 - 2013-03-10 11:27 - 00002485 _____ () C:\Users\Brenda\Desktop\Google Chrome.lnk
2014-10-21 12:20 - 2014-08-12 23:17 - 00000000 __RDO () C:\Users\Brenda\OneDrive
2014-10-21 11:20 - 2014-08-12 22:57 - 01154305 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-21 11:17 - 2013-03-10 11:27 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001UA.job
2014-10-21 11:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-21 09:51 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-21 08:35 - 2013-11-14 21:31 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F86F089A-20FB-4CE9-B888-5287C503C187}
2014-10-20 07:17 - 2013-03-10 11:27 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001Core.job
2014-10-19 16:51 - 2014-03-18 06:03 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-19 16:47 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-19 16:46 - 2014-03-18 05:54 - 00195986 _____ () C:\WINDOWS\PFRO.log
2014-10-19 16:46 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-16 17:40 - 2013-04-29 19:17 - 00000000 ____D () C:\Program Files (x86)\SUPERAntiSpyware
2014-10-16 16:27 - 2014-03-01 21:55 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-10-16 14:04 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-16 07:46 - 2014-08-22 22:52 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-10-16 07:45 - 2013-08-22 10:44 - 00492000 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-16 02:47 - 2014-07-10 09:57 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-16 02:47 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-16 02:47 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-16 02:47 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-16 02:47 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-16 02:47 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-16 01:22 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-14 21:06 - 2013-01-26 21:27 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-10-14 21:04 - 2014-08-12 22:36 - 00000000 ____D () C:\Users\Brenda
2014-10-14 20:58 - 2013-03-14 19:14 - 00000000 ____D () C:\Users\Brenda\AppData\Local\Windows Live
2014-10-14 20:57 - 2013-01-26 21:27 - 00001392 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-10-14 20:56 - 2013-01-26 21:26 - 00011192 _____ () C:\WINDOWS\DirectX.log
2014-10-13 22:40 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-10-13 18:52 - 2014-08-04 19:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-12 16:05 - 2012-07-26 01:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-10-12 14:35 - 2014-08-04 19:52 - 00119284 _____ () C:\Users\Brenda\Downloads\OTL.Txt
2014-10-12 13:11 - 2014-09-18 00:08 - 00001114 _____ () C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-10-12 13:11 - 2014-09-18 00:08 - 00001084 _____ () C:\Users\Brenda\Desktop\Search.lnk
2014-10-11 20:21 - 2013-02-18 19:39 - 00000000 ____D () C:\Users\Brenda\AppData\Local\Packages
2014-10-11 19:29 - 2014-08-04 19:55 - 00207190 _____ () C:\Users\Brenda\Desktop\OTL.Txt
2014-10-10 21:16 - 2014-08-26 12:33 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-05 22:43 - 2013-08-22 10:46 - 00289033 _____ () C:\WINDOWS\setupact.log
2014-09-30 17:46 - 2013-06-26 12:52 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-29 18:45 - 2013-08-22 11:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-29 18:45 - 2013-08-22 11:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-22 02:42 - 2014-08-25 21:33 - 00278152 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-19 19:35

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2014
Ran by Brenda at 2014-10-21 12:31:08
Running from C:\Users\Brenda\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
americanfallsss1.exe (HKLM\...\americanfallsss1_folder) (Version:  - )
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (Version: 15.0.4181 - AVG Technologies) Hidden
Beaches2012.scr (HKLM\...\Beaches2012_folder) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‎Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Canon MG6300 series On-screen Manual (HKLM-x32\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG6300 series User Registration (HKLM-x32\...\Canon MG6300 series User Registration) (Version:  - Canon Inc.‎)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CWA Reminder by We-Care.com v4.1.22.3 (HKLM-x32\...\{DB9BF6DA-8030-4A21-9FF4-8856A7556FCF}) (Version: 4.1.22.3 - We-Care.com)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.5 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.5 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}) (Version: 2.2.2000.0 - Dell Products, LP)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.17 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Elevated Installer (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
File Association Manager (HKLM-x32\...\FileAssociationManager) (Version: 0.5 - Amnis Technology Ltd)
Garmin Express (HKLM-x32\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 32.0.1700.76 - Google Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Buzz (HKLM-x32\...\MediaBuzzV1mode3344) (Version: 1.1 - Media Buzz) <==== ATTENTION
Media Player (HKLM-x32\...\MediaPlayerV1alpha485) (Version: 1.1 - Media Player) <==== ATTENTION
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PopularScreensavers Toolbar and Software (HKLM-x32\...\PopularScreensavers_7ibar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.012 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6741 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shopping Helper Smartbar (HKLM-x32\...\{C64BEB42-B25D-4674-BB55-4099CB720110}) (Version: 11.113.63.19229 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKCU\...\{6f8946c3-3891-4254-b198-25b9c5482e15}) (Version: 11.113.63.19229 - ReSoft Ltd.) <==== ATTENTION
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1014 - SUPERAntiSpyware.com)
The Blu 2.0 (HKLM-x32\...\{BC8C6974-CECD-40E4-9553-287C555DE93A}_is1) (Version:  - Wemo Media Inc.)
Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - WebAppTech Coding, LLC) <==== ATTENTION
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

24-09-2014 03:03:27 Windows Update
12-10-2014 00:10:46 Scheduled Checkpoint
15-10-2014 00:54:25 Windows Live Essentials
15-10-2014 00:55:32 Installed DirectX
16-10-2014 06:39:07 Windows Defender Checkpoint
19-10-2014 12:12:30 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D52689E-40CA-4ED7-B0F2-1F2F7F543BD0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B4600B8-A5D7-47FD-ABB7-A813A87C5834} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-20] (Synaptics Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {46C3BF98-C8CA-4A09-8842-BF977E0E31FA} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5AD37204-F780-407A-9B62-C99FBB3BA1AC} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {5EFD183F-56FE-4E17-8D5A-84AFE5353CDC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001UA => C:\Users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-10] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {797626AF-8EC6-4E7B-811D-87DA6D2FBBCE} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B0C48B0C-AF64-48F3-AEF4-60E35D25C751} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {B1244550-1DCE-4693-A8B1-1F44D0BFE049} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001Core => C:\Users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-10] (Google Inc.)
Task: {B5B70AFC-CF29-40D7-A676-8A4AE0CE4032} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-14] (Microsoft Corporation)
Task: {BACEDC5F-A09D-4A45-A450-599DEE4D58AC} - System32\Tasks\CIMT_S-1-5-21-2564139484-152270176-2040777850-1001 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
Task: {BC915396-F911-440D-869F-6152A524777D} - \ConsumerInputUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C83E1518-B7B0-40DA-B597-95BB851BF5E9} - \CYHPK No Task File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E1355356-6CFB-4FAE-B949-A2243235209F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001Core.job => C:\Users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001UA.job => C:\Users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-01-26 21:19 - 2012-04-24 22:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-12-28 14:39 - 2012-12-28 14:39 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 14:36 - 2012-12-28 14:36 - 00084480 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 14:41 - 2012-12-28 14:41 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2013-01-26 20:05 - 2012-09-20 20:40 - 04875576 _____ () C:\Program Files\Synaptics\SynTP\DellTouchpad.exe
2012-12-28 14:42 - 2012-12-28 14:42 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-17 14:11 - 2014-10-17 14:11 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\80a14cd14e9579821dba2282b4349fef\PSIClient.ni.dll
2013-01-26 21:10 - 2012-06-25 14:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-01-26 21:18 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 15:34 - 2012-06-08 15:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Brenda\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\03342137.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\03342137.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKCU\...\StartupApproved\Run: => "Optimizer Pro"

========================= Accounts: ==========================

Administrator (S-1-5-21-2564139484-152270176-2040777850-500 - Administrator - Disabled)
Brenda (S-1-5-21-2564139484-152270176-2040777850-1001 - Administrator - Enabled) => C:\Users\Brenda
Guest (S-1-5-21-2564139484-152270176-2040777850-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2564139484-152270176-2040777850-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/21/2014 09:30:40 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/21/2014 08:31:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 47951890

Error: (10/21/2014 08:31:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 47951890

Error: (10/21/2014 08:31:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/20/2014 02:46:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3524

Start Time: 01cfec5824fe9cf9

Termination Time: 156

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 7357f2a3-5889-11e4-befb-34238732788c

Faulting package full name:

Faulting package-relative application ID:

Error: (10/20/2014 07:13:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25806969

Error: (10/20/2014 07:13:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25806969

Error: (10/20/2014 07:13:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 07:39:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (10/19/2014 04:47:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Exception code: 0x40000015
Fault offset: 0x0007da8a
Faulting process id: 0x75c
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3
Faulting package full name: mbamservice.exe4
Faulting package-relative application ID: mbamservice.exe5

System errors:
=============
Error: (10/21/2014 00:21:09 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (10/21/2014 08:34:25 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (10/20/2014 06:28:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Windows Malicious Software Removal Tool for Windows 8, 8.1 and Windows Server 2012, 2012 R2 x64 Edition - October 2014 (KB890830).

Error: (10/20/2014 07:16:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (10/19/2014 04:53:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (10/19/2014 04:49:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/19/2014 04:47:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/19/2014 04:36:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (10/19/2014 11:44:00 AM) (Source: DCOM) (EventID: 10010) (User: BRENDAPC)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa

Error: (10/19/2014 09:10:33 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Microsoft Office Sessions:
=========================
Error: (10/21/2014 09:30:40 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/21/2014 08:31:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 47951890

Error: (10/21/2014 08:31:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 47951890

Error: (10/21/2014 08:31:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/20/2014 02:46:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17344352401cfec5824fe9cf9156C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE7357f2a3-5889-11e4-befb-34238732788c

Error: (10/20/2014 07:13:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25806969

Error: (10/20/2014 07:13:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25806969

Error: (10/20/2014 07:13:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 07:39:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (10/19/2014 04:47:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a75c01cfebdde69dd22fC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe2d6e8603-57d1-11e4-befb-34238732788c

CodeIntegrity Errors:
===================================
  Date: 2014-10-19 19:37:38.232
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.

  Date: 2014-10-19 19:37:38.138
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.

  Date: 2014-10-19 19:37:38.044
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.

  Date: 2014-10-19 19:37:37.888
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.

  Date: 2014-10-19 19:37:37.591
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.

  Date: 2014-10-19 19:37:37.466
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.

  Date: 2014-10-19 19:37:37.169
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.

  Date: 2014-10-19 19:37:36.685
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.

  Date: 2014-10-19 19:37:36.497
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.

  Date: 2014-10-19 19:37:35.528
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Intel® Pentium® CPU 2127U @ 1.90GHz
Percentage of memory in use: 41%
Total physical RAM: 3977.27 MB
Available physical RAM: 2317.61 MB
Total Pagefile: 6153.27 MB
Available Pagefile: 3432.14 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:455.9 GB) (Free:352.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: A5E300A5)

Partition: GPT Partition Type.

==================== End Of Log ============================

Hope I got it right this time

Thanks

Brenda

 

 

 

 


  • 0

#22
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

Another fix for you.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.

start
Task: {BC915396-F911-440D-869F-6152A524777D} - \ConsumerInputUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {C83E1518-B7B0-40DA-B597-95BB851BF5E9} - \CYHPK No Task File <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKCU\...\StartupApproved\Run: => "Optimizer Pro"

end
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.


Post the (Fixlog.txt). that gets saved to the desktop after the fix has run.

How is the computer ?

Thanks
Joe :)
  • 0

#23
Brenda50

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

hi Joe

 

Here is the log of the last fix

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-10-2014
Ran by Brenda at 2014-10-23 09:21:32 Run:8
Running from C:\Users\Brenda\Desktop
Loaded Profile: Brenda (Available profiles: Brenda)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
Task: {BC915396-F911-440D-869F-6152A524777D} - \ConsumerInputUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {C83E1518-B7B0-40DA-B597-95BB851BF5E9} - \CYHPK No Task File <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKCU\...\StartupApproved\Run: => "Optimizer Pro"

end
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC915396-F911-440D-869F-6152A524777D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC915396-F911-440D-869F-6152A524777D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ConsumerInputUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C83E1518-B7B0-40DA-B597-95BB851BF5E9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C83E1518-B7B0-40DA-B597-95BB851BF5E9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CYHPK" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKCU\...\StartupApproved\Run: => "Optimizer Pro" => Error: No automatic fix found for this entry.

==== End of Fixlog ====

 

Thanks

Brenda


  • 0

#24
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
What issue remain Brenda ?

Joe
  • 0

#25
Brenda50

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Hi Joe

 

There doesn't seem to be any more issues right now.  PC seems to be running ok. What would you recommend I do to further protect my PC? Thanks for your time and patience.

 

Sincerely

Brenda


  • 0

Advertisements


#26
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

Lets remove out tools and clean up first, then some tips for you.

Clean up
Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
  • Remove disinfection tools
  • Purge system restore
  • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report.

    No need to post the log report from that.


    Tips


    You usually get infected because your security settings are too low.

    Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

    Safe Computing Practices please read Here

    Thanks
    Joe :)




  • 0

#27
Brenda50

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Hi Joe

 

Thank you soo much for your help. It is running great now.  I have followed the recommendations on Security Garden,   Thanks again

 

Sincerely

Brenda


  • 0

#28
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
You're welcome,

Nice working with you, I'll close the topic now.

Joe

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP